package com.it.App.expression;

import com.it.App.entity.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @Author: Coke
 * @DateTime: 2023/11/24/9:00
 * @注释: 自定义权限校验
 **/
@Component("MyEx") // 自定义一下容器中Bean的名字
public class MyExpressionRoot {
    public boolean hasAuthority(String authority){
        // 获取当前用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> auths = loginUser.getAuths();
        // 判断用户权限集合中是否存在authority
        return auths.contains(authority);
    }
}
